[Git][security-tracker-team/security-tracker][master] 3 commits: Add CVE-2021-3156/sudo

Tue Jan 26 18:00:44 GMT 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ebd420fe by Salvatore Bonaccorso at 2021-01-26T17:55:07+01:00
Add CVE-2021-3156/sudo

- - - - -
dc662636 by Salvatore Bonaccorso at 2021-01-26T17:55:56+01:00
Add sudo to {dla,dsa}-needed lists

- - - - -
415056d1 by Salvatore Bonaccorso at 2021-01-26T19:00:27+01:00
Merge branch 'qsa-2021-sudo-CVE-2021-3156'

- - - - -


3 changed files:

- data/CVE/list
- data/dla-needed.txt
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -2607,8 +2607,9 @@ CVE-2021-3158
 	RESERVED
 CVE-2021-3157
 	RESERVED
-CVE-2021-3156
+CVE-2021-3156 [Heap-based buffer overflow]
 	RESERVED
+	- sudo <unfixed>
 CVE-2021-3155
 	RESERVED
 CVE-2021-3154


=====================================
data/dla-needed.txt
=====================================
@@ -138,6 +138,8 @@ spotweb (Sylvain Beucler)
   NOTE: 20201220: Upstream's "fix" is to blacklist all the "bad" SQL commands. (roberto)
   NOTE: 20210122: Upstream fix trivially bypassed, reported at https://github.com/spotweb/spotweb/issues/653
 --
+sudo (Salvatore Bonaccorso)
+--
 thunderbird (Emilio)
 --
 tzdata (Emilio)


=====================================
data/dsa-needed.txt
=====================================
@@ -37,6 +37,8 @@ python-pysaml2
 --
 slurm-llnl (jmm)
 --
+sudo (carnil)
+--
 thunderbird (jmm)
 --
 xcftools



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/668df570e60a60c4358bdd47ce72515235463a17...415056d14089fee27b571a718806a65910f12003

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/668df570e60a60c4358bdd47ce72515235463a17...415056d14089fee27b571a718806a65910f12003
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210126/0922e8a2/attachment.html>
